Central Manager running on a VM keeps losing connectivity to the Security Analytics sensors
book
Article ID: 169019
calendar_today
Updated On:
Products
Security Analytics
Issue/Introduction
A CMC on a VM may lose network connectivity about once per day. Rebooting brings the connection back up but rebooting everyday may not be acceptable. It was reported that TCP segmentation could be done by the CPU to resolve the problem. Typically the NIC does the segmentation for performance reasons.
In computer networking, large segment offload (LSO) is a technique for increasing outbound throughput of high-bandwidth network connections by reducing CPU overhead. It works by queuing up large buffers and letting the network interface card (NIC) split them into separate packets. The technique is also called TCP segmentation offload (TSO) when applied to TCP,
Resolution
The solution is to disable TCP Segmentation Offload with:
/usr/sbin/ethtool -K eth0 tso off
To check the setting, run ethtool -k | grep segmentation